I would like to host my own web server with a domain name I purchased but my public IP isn’t static.

  • SleepyBear@lemmy.myspamtrap.com
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    1 year ago

    I run ddclient on a local machine and it updates my Cloudflare DNS records if my IP changes.

    OPNSense has it built in too, if you use it. So does PFSense, I think. Been a while, might be misremembering.

  • Feliberto@programming.dev
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    2
    ·
    1 year ago

    I use duckdns.org , but if you are trying to host a webpage I totally recommend using Cloudflare, Cloudflare tunnels and a reverse proxy like nginx.

    Setting it up may be a bit tricky, but it is a gamechanger. I followed Ibracorp’s guides and I had no problem.

    • randy@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I’ve also been on freedns.afraid.org for many years. Back when I switched from dyndns, it wasn’t possible to get Let’s Encrypt certificates on afraid.org’s domains, but that might have changed. I worked around it by taking a domain I already owned and using a CNAME to point it at my afraid.org domain.

    • bigBananas@feddit.nl
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      2nd, but with just a bash script. Also, I’m forwarding http & https to different IPs and the best thing about cloudflare is that you can restrict those ports to only be open when coming from cloudflare’s proxy. I like the extra layer of security, and dislike that they can see all traffic…

  • hagerman@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    I use a Cloudflare tunnel rather than a dynamic DNS provider. Some in the self hosting community are opposed to Cloudflare, but I appreciate the tools they provide (especially Zero Trust so I can put my self hosted apps behind Okta).

  • theghostoutside_@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    1 year ago

    I use DuckDNS. There’s been only one outage for the ~2 years I’ve been using it and it’s free. I also use DuckDNS to acquire the SSL certificates for the reverse proxy.

    • uyuu@lemmy.4d2.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I also use duckdns, but in the last year it went down like twice or something. Its good but not really reliable.

    • nieceandtows@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I used duckdns for my jellyfin server, but after a week or so I started getting malicious site warnings from Firefox, and had to ‘accept the risk and continue’ every time. Ended up going back to noip. It’s a pain to renew every month, but I haven’t had any other problems with it.

      • Josh@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I use noip as well, but because I only have an IP camera on that network, and the camera has built-in DDNS support for noip. But I hate it having to renew monthly.

      • axzxc1236@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        edit-2
        1 year ago

        If you mean automatically update IP part, duckdns website has a very comprehensive guide.

        If you mean getting a free SSL certificate, you can use acme.sh (this is what I used) which has integrated support for duckddns (To use let’s encrypt you need to use --server letsencrypt in your command)

  • invaliduser@forum.bruvland.com
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    your domain provider probably has an api to update dns records i use cloudflare with their api because then i can hide my ip behind their proxy or if i don’t have a public ip i can use their tunnels

  • BetterNotBigger@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    If you only need public access to things like HTTP or SSH you don’t necessarily need to run dynamic ip and just setup Cloudflare Tunnels. So far I haven’t needed to put anything public that doesn’t run on the provided tunnels.

  • lntl@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Does your domain provider have a DDNS service? I buy my domains from namecheap.com and use their DDNS service for exactly what you’re describing.

    • starkcommando@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I have NameCheap as well. I found their Windows client after I made this post. I’m still curious is there are better services out there. It seems Cloudflare may have the best tools for security for a webserver, i.e. hiding the real IP address.

      • lntl@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Cloudflare has a lot of great tools and provides service to most of the internet. Some folks don’t like how much of internet traffic is routed though Cloudflare… sort of like Google and if that’s not a bother then it may be a good choice.

    • calmluck9349@infosec.pub
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      This. But I use namecheap and the built in tool on pfsense to keep an A record up to date if it ever changed.

      • starkcommando@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I have NameCheap as well. I was trying to set this up with the ddclient on OPNSense but the logs suggested it couldn’t connect to NameCheap. What do you need to authenticate other than the DDNS passcode supplied by NameCheap?

        • calmluck9349@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Oof. Set this up years ago now…

          Add the hostname IE public Add the domain name IE starkcommando.com

          This will be public.starkcommando.com

          Leave username blank (this was a gotchya for me, if I recall correctly)

          Then put the generated namecheap ddns password (not your account password) that matches the record in.

          All set.

      • kamin@lemmy.kghorvath.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I should automate something like that too. I just have one A record pointing to my IP and all my subdomains CNAME’d to that so that if it ever changes, I just have to update that one record.

  • beigeoat@lemmy.zip
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    First step would be to ensure that you can do port forwarding.

    1. Check if your IP address isn’t a private one or CGNAT.
    2. Now set up reverse proxy and try connecting to your service. If it connects, you are okay.
    3. Now this is something i didn’t know could happen but it did end up happening to me. I was happily port forwarding for a few months, until suddenly my port forwarding stopped working. Now I called my ISP, they said they did nothing(my ISP is a few guys who have no Idea about what they are doing, the other option to them is 512kbps DSL connection) at this point all my ingress ports are blocked and even outgoing ssh is blocked. Then the new month starts and everything is working again. I looked at my ISP website to get an idea of what may have caused this and the case seems to be that it was the first time I crossed 100GB in uploading. So my ISP has configured things such a way that port forwarding only works for the first 100GB of uploading.

    This is why I strongly recommend cloudfare tunnel or any other similar solution.